5 thoughts
last posted Nov. 30, 2014, 11:24 p.m.

4 earlier thoughts


This week I have dived into the logging setup within systemd. Logging now feels like such a 'solved problem' within my systemd experiments. My sufficiently complex multi-machine vagrant setup can have makeshift log aggregation using journalctl, netcat, and socat.

log-server dot sh, running on my host machine:

  socat -u tcp-l:8888,reuseaddr,fork STDOUT

log-agent dot sh, running on each machine:

 DATE="`date '+%Y-%m-%d %H:%M:%S'`"
 journalctl -f --since="$DATE" | nc hostip 8888

This is, of course, not a solution specific to systemd or binary logging formats. However, journalctl seems to double as a simple logging agent itself; allowing streaming, filtering, cursors, and multiple output formats (json, single line, etc).

We can further extend log-agent, to include the hostname or other metadata:

 DATE="`date '+%Y-%m-%d %H:%M:%S'`"
  journalctl -f --since="$DATE" \
     | sed  -u "s,^,[ `hostname` ] ,g" \
     | nc hostip 8888

Finally, I would love to replace nc with socat everywhere, using OPENSSL: and OPENSSL-LISTEN to encrypt the logging traffic as it goes from log-agent to log-server.